from the even-worse-than-we-thought dept

Back in February we wrote about the ominously-named "Clean IT" project in Europe, designed to combat the use of the Internet by terrorists. At that time, we suspected that this would produce some seriously bad ideas, but a leaked document obtained by EDRI shows that these are actually much worse than feared (pdf), amounting to a system of continuous surveillance, extrajudicial removal of content and some new proposals that can only be described as deranged.

The leaked document contradicts a letter sent from CleanIT Coordinator But Klaasen to Dutch NGO Bits of Freedom in April of this year, which explained that the project would first identify problems before making policy proposals. The promise to defend the rule of law has been abandoned. There appears never to have been a plan to identify a specific problem to be solved – instead the initiative has become little more than a protection racket (use filtering or be held liable for terrorist offences) for the online security industry.

Instead of tackling concrete problems, the vague threat of "terrorism" is constantly invoked -- without ever defining what that means -- to justify a range of extreme measures. At the heart of the plans lies the "voluntarism" we discussed a few weeks ago:

Governments should stimulate self-regulation by Internet companies

And where there are laws, it must be OK for law enforcement agencies (LEAs) to ignore them and have content taken down on demand:

It must be legal for LEAs to make Internet companies aware of terrorist content on their infrastructure ('flagging') that should be removed, without following the more labour intensive and formal procedures for 'notice and take action'

Due process, who needs it? The plans also require some interesting new laws, like this one criminalizing merely posting certain hyperlinks:

Knowingly providing hyperlinks on websites to terrorist content must be defined by law as illegal just like the terrorist content itself

Here's another proposal -- no more anonymity online:

Internet companies must allow only real, common names. These must be entered when registering.

So what happens if you have an uncommon name? And then there's this:

Social media companies must allow only real pictures of users

Presumably you're not allowed to smile, either. Talking of social media, the Clean IT plans include the introduction of friendly "virtual police officers", constantly spying on, er, watching over Europeans online:

Virtual police officers must be used to show law enforcement is present, is watchful, in order to prevent terrorist use of the Internet and make regular users feel more secure.

The idea is that "virtual police officers" will be keeping an eye on you -- for your own safety, you understand. Other ways in which users will be protected from themselves is through the use of filters:

All kinds of Internet companies, LEAs and NGOs, but not governments, should promote the use of end-user controlled filters among their clients, the public and supporters

Note that "not governments" part -- people mustn't get the idea that this is censorship, oh no. Also required will be automated detection systems, because we know how well they work:

Automated detection systems must be used by LEAs, NGOs and Internet companies.

Among the even more interesting proposals in the leaked document seems to be the idea that the authorities can order encryption to be turned off, presumably to allow eavesdropping:

In some cases notice and take action procedures must lead to security certificates of sites to be downgraded.

But surely the most bizarre proposal for dealing with "abuse" -- an attempt to dress up as lamb the tired old mutton of "terrorism" -- is the following:

The use of platforms in languages abuse specialists or abuse systems do not master should be unacceptable and preferably technically impossible.

Incredible though it might sound, that seems to suggest that less common foreign languages would be banned from the European Internet entirely in case anybody discusses naughty stuff without the authorities being able to spy on them (haven't they heard of Google Translate?) You could hardly hope for a better symbol of the paranoid and xenophobic thinking that lies behind this crazy scheme.

Re:

'You could hardly hope for a better symbol of the paranoid and xenophobic thinking that lies behind this crazy scheme.'

and where does this come from? as horrendous as 9/11 was, as horrendous as the UK tube and bus bombings were, this paranoia has stemmed from the US. members of the government and law enforcement are making the anti-terrorism measures produce worse results than the terrorist acts themselves. everyone is so concerned with stopping something bad from happening, they are doing exactly what the terrorists want, removing freedoms, human rights and constantly spying on all citizens regardless of whether there is cause to or not. ridiculous!

Re:

Re:

Nope. These ideas he are just that: Ideas. If the commission thinks any of them are worth anything they might try to use them in the upcoming anti internet terror laws coming up, but they have enough other projects on the exact same subject, without public input they have spend much more money so I am pretty sure that will not happen.

The project is low budget and cannot affort many large meetings for discussion.

The project takes in any ideas they can get and they do not filter!

The projects goal is not to create laws but to force some cooperative efforts between public and private to fight "terrorism" on the internet.

For some reason the participating organisations do not want their names made public...

Klaasen makes it clear that "security" is a concern in this project and there is a need for confidentiality. (Why? As far as I can see, the big "security" problem is about attendants not wanting to be known to the rest of the participants, "the public". With the relatively limited interest for the project, I can see the issue, but hiding it behind "security" instead of calling it "anonymity" is dishonest imo.)

Read the french interview (most recent) to really understand the reasons behind the project.

Some of my favourites include, but are not limited to:
- The Onions favourite gag called the "deep web" where the criminals go, but someone appearently told him it doesnt exist, so he wanted to reword the "deep web" to "some people are smarter than others" (and that is a surprise for all of us!)!
- The future coalition between hackers and terrorists.
- The primary focus is the Jihadists and other groups on EUs terror-list!

With respect to terrorist material :-
Marielle Gallo who chaired one of the committees, and supports the treaty, made some interesting comments over this :-
"We're supposed to represent citizens, but since they are busy with other things, we are supposed to think for them!"
and
"It's not only a disinformation campaign. It's a soft form of terrorism that frightens people. People are being scared. It's a fantasy. ACTA has become a fantasy. And that, that's propagated by the whole Internet network."

"The EU has defined terrorist offences as ‘intentional acts which ... may seriously damage ... an international organization where committed with the aim of ... seriously destabilizing ... the fundamental ... economic [structure] of ... an international organization” (EU FD, 13 June 2002 on combating terrorism).

Re: Definition of terrorism

So by effectively defining almost every European a terrorist they don't need to go the FBI's route of having to create and expose their own terror plots. They can just round up anyone they want when they want to show how awesome they are at exposing terror plots.

Re: Definition of terrorism

The European Union (EU) has defined terrorist offences as ‘intentional acts which, given their nature or context, may seriously damage a country or an international organization where committed with the aim of: seriously intimidating a population, or unduly compelling a Government or international organization to perform or abstain from performing any act, or seriously destabilizing or destroying the fundamental political, constitutional, economic or social structures of a country or an international organization

tis the whole one. and it looks to me that this program does all of the above... besides maybe political...

Re:

Not only that but I'm at a loss to understand how the presence of virtual police officers would make anyone feel more secure in any case. What would they do? Virtually chase virtual muggers down virtual alleys and get our virtual wallets back?

The only thing they can do is spy, so I can see how their presence would make a lot of regular users feel much less secure.

I'm proud of the EU

Hi this is Adolf. I'm burning in hell right now, but I want to pass on my support for the Clean IT plan. You've taken my master plan and turned it into the Final Solution. On behalf of EU citizens, I thank you from the bottom of my black heart.

Terrorism?

I feel threatened by THIS. Clean IT scares me, NOT terrorism. I have never ever, not once, encountered a form of what I would consider to be terrorism in my daily experience of life. At all costs, STOP THIS — Clean IT is terrorism.

On a less-important side note, where's the punctuation of the italicized statements?

Re: Re: Terrorism?

Not meaning to hate on service members and others, as this legislation has nothing to do with them, but there comes a point when the need to fight "terrorism" goes beyond rational and into the realm of 1984...

Re: Re: Terrorism?

Sorry, but 'causing more harm to society than a terrorist could ever dream of' does not count as 'fighting' terrorism, unless the idea is to put the terrorists out of business or make them quit in pity.

Mind, I'm talking about the politicians who are pushing all this 'anti-terrorist' crap that is anything but, I don't blame soldiers for just doing what they're ordered to do unless it's something blatantly illegal/immoral, even if I do think the idea that you can kill a group/mindset that already hates you is an exercise in futility at best.

Re: Re: Terrorism?

You have not, because people are fighting them to protect you

Really? That's why? Prove it. Seriously.

It is being demanded of us that we sacrifice some amount of freedom and security to the state in the name of "protecting against terrorism". I, for one, would like to see some evidence that our sacrifices are responsible for that happening.

Re: Re: Terrorism?

Re: Re: Terrorism?

I can't tell if you're being sarcastic, but i have to ask: what the hell does Iran have to do with anything?
The only thing i can think of is the flame virus, which, if anything is a terror attack on Iran.

Hogwash

This is not even remotely about "safety" on line. It is all down to controlling the net in the way Big Content have been trying to do for years. I can see the net gradually being dismantled before our eyes, piece by piece, if we don't get people in "power" with some tech-savvy and common sense.

EU Officials - not!

The headline is misleading. EU officials are not proposing this. Clean IT is just one of a multitude of projects co-funded by a crime prevention programme of the European Commission, but which are designed and carried out by external consortia, see http://ec.europa.eu/dgs/home-affairs/financing/fundings/pdf/isec/2010_fpa_all_awarded.pdf. Any recommendations issued from the project are not per se endorsed by the EU. In this case the project partners are security agencies of a number of EU countries, but the work is probably being done by low- or mid-level staffers and hasn't even been reviewed by their respective ministers. I would be more concerned about the fact that 300000 EUR of European taxpayers' money has been spent on such nonsense.

So by this definition would Julian Assange be considered a terrorist? Cause I so see them talking it there and everyone that makes a statement about how a government is corrupt and we should protest will be deleted of the internet. Just last week one of our comedians was calling merkel a fat cow, many such comments are bound to be made about her and sarkozy with way things are being handled with the countries that are in the toiled, will those comments be banned? 1984 here we come (we never seen to be too far from it, at any time)

I dont want to live on this planet anymore!!!

As they are written as of this article... most of these laws would be:
1. Completely unenforceable (especially the real pics on social media bit)
2. Technology is developing so fast that by the time this were to be implemented it would be completely outdated and be about as useful as a tampon in a flood (will only catch only the ignorant and the inept "terrorists"... or angry little kids)
And on a side note, i keep hearing politicians in america talking about 1984 when the government wants to provide a basic level of medical care for them... -.- i give up... i dont want to live on this planet anymore!!

Boy, doesn't this sound just like the Nazis in 1942?

Encryption

Does this mean all encryption would be illegal too? If talking in obscure languages, etc and having everything open is what they're suggesting, it's only logical that they'd want that too. And to anyone thinking that only the very few will use it, that's essentially what HTTPS is. A whole heap of websites, especially ones where the data is very private, such as banks, use this. Even google searches are done over it now! They can't get at that stuff, nevermind any other methods of encryption done on top of that!

Banned encryption?

So encryption should be made illegal?
What about PGP/GPG software?
Should I go to jail for using them?
In fact terrorists may simply use the steganography to hide their secret evil messages in the "aunt Jane and family" photos :P